Cyber Security Manager
FULL TIME/PART TIME
- Participate in and respond to audit and regulatory exam requests for information. Review issues and plan response activities with the CISO. Manage response activities to ensure responses are properly implemented within designated timeframes.
- Manage Information Security Risk for the Enterprise through identification and coordination of remedial activities.
- Identify and manage CyberSecurity strategy and projects for the enterprise. Ensure projects and plans are aligned to the industry trends and the latest threats and vulnerabilities.
- Create and maintain Information Security processes, procedures, and standards.
- Manage Information Security Vendors and oversee their SLA performance.
- Create, Recommend, Manage, and Report relevant Security Metrics.
- Assist in Vendor Risk Management due diligence related to Information Security.
- Operational and Tactical relationship with all Information Security vendors: assess their performance and capabilities.
- Bachelor’s degree in Information Technology/Information Security or equivalent is required.
- Possess a minimum of 10+ years of progressive and current experience in the Information Security industry, in a financial services and/or a related consulting organization.
- 5+ years in Information Security management.
- Ability to think with a security mindset.
- Strong IT background with in-depth knowledge of several key security practice areas: application security, network security, and infrastructure security.
- Strong knowledge of regulatory standards that govern Information Security practices at a Financial Institution such as SOX, PCI, GLBA, and state and federal privacy laws.
- Strong written and oral communication skills including the ability to interact directly with employees that do not have an IT background.
- Strong presentation skills before large audiences of varying IT background, including the most senior management at the company.
- Ability to work closely with both technology and business line management.
- Proven ability to serve as an effective member of a management team, be an effective leader to a team of highly trained personnel and consultants, and interact effectively with law enforcement agencies, risk and data managers, auditors, consultants, vendors, and stakeholders.
- Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) is a plus.